In my blog post Defining Input Parameters For Policy Definitions in ARM Template I’ve showed you how to use deploy policy definitions with parameters via ARM template. I didn’t described completely on why such workaround is needed but I think now it is good time to explain that as well. The topic is a little bit complex so I hope my explanation will help you understand it.
Azure Policy team has a GitHub repository of Policy definitions examples. Recently I’ve been looking at some of the examples there and I’ve noticed that one of them was not working correctly. Specifically I am referring to Platform Image Policy. Additionally the example contains only the rules. It does not have ARM template for deploying the definition. You will notice also that the policy is pretty static as it does not contain parameters. Because of that based on that sample I would like to create an example on my own and show it to you.
Recently I’ve came into the following situation. I needed to store a json as Azure Automation string variable. To do that is easy as you just need to pass the json as text by first escaping it. That is easy peasy when using PowerShell. But what if you want to pass the json as object parameter via ARM template parameters file and do the escape completely within the ARM template. Apparently that is possible as well and I will show you how.
Subscription Level Template deployments is relatively new feature. Support for Azure CLI was added in version 2.0.40 and for AzureRM PowerShell module is yet to come. Basically instead of deploying resources at resource group you are doing that at subscription level. This opens a lot of possibilities some of which are:
Yesterday I got the news that I am renewed as Microsoft MVP for another year. It was quite busy and eventful year for me in both personal and work life. I am glad that I still have managed to earn this recognition. This is my 6th MVP award in a row and I am happy that I’ve got it. Congratulations also to all the other MVPs who got awarded!